Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The governor of Minnesota in the US has activated the National Guard in the fallout of a major cyber attack against the state’s capital city, Saint Paul.
Saint Paul is the capital of Minnesota and is the second-largest city after Minneapolis, with a population of over 311,000.
Hackers launched a cyber attack on the city on Friday last week (25 July), leading to a number of systems across the city going offline, including offline payments and some services in recreation centres and libraries.
“While many city services remain available, some may be temporarily delayed or disrupted due to limited system access. We appreciate your patience and understanding as we work to bring systems fully back online,” the city said.
With the cyber attack’s effects continuing over the weekend, Governor Tim Walz has signed an executive order activating the National Guard to assist in dealing with the cyber attack.
“On Friday, July 25, 2025, the City of St. Paul experienced a cyber attack that targeted critical systems and digital services. This cyber attack persisted through the weekend, causing significant disruptions and impairing St. Paul’s ability to provide vital services,” said Walz’s executive order.
“St. Paul officials have been working around the clock since discovering the cyber attack, closely coordinating with Minnesota Information Technology Services and an external cyber security vendor.
“Unfortunately, the scale and complexity of this incident exceeded both internal and commercial response capabilities. As a result, St. Paul has requested cyber protection support from the Minnesota National Guard to help address this incident and make sure that vital municipal services continue without interruption.”
In a separate statement, Walz said that the Minnesota National Guard’s cyber team will work closely with city, state and federal agencies to halt the cyber attack, restore systems, and mitigate long-term effects of the incident.
No threat actors have currently claimed responsibility for the incident, nor has a culprit or the attack vector been identified.
Just last year, the US Army National Guard was breached by Chinese state-sponsored threat actor Salt Typhoon.
The threat group likely utilised living-off-the-land (LOTL) techniques, remaining undetected for nine months in 2024. During that time, the group exfiltrated network configuration files and admin credentials.
The group reportedly aimed to exfiltrate US government sensitive call logs, law-enforcement wiretap systems and private communications.
“Between March and December 2024, Salt Typhoon extensively compromised a US state’s Army National Guard’s network and, among other things, collected its network configuration and its data traffic with its counterparts’ networks in every other US state and at least four US territories, according to a DOD report,” said a Department of Homeland Security memo.
Be the first to hear the latest developments in the cyber industry.
